From 4d9b362dbfd2497d6dabf853b84706b5854397e9 Mon Sep 17 00:00:00 2001 From: Jens Langhammer Date: Sat, 29 May 2021 19:00:04 +0200 Subject: [PATCH] tenants: add migration to add default tenant Signed-off-by: Jens Langhammer --- authentik/tenants/migrations/0002_default.py | 40 +++++++ authentik/tenants/utils.py | 8 +- web/src/elements/table/Table.ts | 2 +- web/src/locales/en.po | 112 ++++++++++++++++++- web/src/locales/pseudo-LOCALE.po | 112 ++++++++++++++++++- 5 files changed, 263 insertions(+), 11 deletions(-) create mode 100644 authentik/tenants/migrations/0002_default.py diff --git a/authentik/tenants/migrations/0002_default.py b/authentik/tenants/migrations/0002_default.py new file mode 100644 index 000000000..b0e70ba9a --- /dev/null +++ b/authentik/tenants/migrations/0002_default.py @@ -0,0 +1,40 @@ +# Generated by Django 3.2.3 on 2021-05-29 16:55 + +from django.apps.registry import Apps +from django.db import migrations +from django.db.backends.base.schema import BaseDatabaseSchemaEditor + + +def create_default_tenant(apps: Apps, schema_editor: BaseDatabaseSchemaEditor): + Flow = apps.get_model("authentik_flows", "Flow") + Tenant = apps.get_model("authentik_tenants", "Tenant") + + db_alias = schema_editor.connection.alias + + default_authentication = ( + Flow.objects.using(db_alias).filter(slug="default-authentication-flow").first() + ) + default_invalidation = ( + Flow.objects.using(db_alias).filter(slug="default-invalidation-flow").first() + ) + + tenant, _ = Tenant.objects.using(db_alias).update_or_create( + domain="authentik-default", + default=True, + defaults={ + "flow_authentication": default_authentication, + "flow_invalidation": default_invalidation, + }, + ) + + +class Migration(migrations.Migration): + + dependencies = [ + ("authentik_tenants", "0001_initial"), + ("authentik_flows", "0008_default_flows"), + ] + + operations = [ + migrations.RunPython(create_default_tenant), + ] diff --git a/authentik/tenants/utils.py b/authentik/tenants/utils.py index f6ad0d21d..00367cab6 100644 --- a/authentik/tenants/utils.py +++ b/authentik/tenants/utils.py @@ -1,11 +1,11 @@ """Tenant utilities""" -from authentik.lib.config import CONFIG from typing import Any from django.db.models import Q from django.http.request import HttpRequest from authentik import __version__ +from authentik.lib.config import CONFIG from authentik.tenants.models import Tenant _q_default = Q(default=True) @@ -23,4 +23,8 @@ def get_tenant_for_request(request: HttpRequest) -> Tenant: def context_processor(request: HttpRequest) -> dict[str, Any]: """Context Processor that injects tenant object into every template""" - return {"tenant": request.tenant, "ak_version": __version__, "footer_links": CONFIG.y("authentik.footer_links")} + return { + "tenant": request.tenant, + "ak_version": __version__, + "footer_links": CONFIG.y("authentik.footer_links"), + } diff --git a/web/src/elements/table/Table.ts b/web/src/elements/table/Table.ts index af59253a0..993e3b924 100644 --- a/web/src/elements/table/Table.ts +++ b/web/src/elements/table/Table.ts @@ -167,7 +167,7 @@ export abstract class Table extends LitElement {
- ${inner ? inner : html``} + ${inner ? inner : html``}
diff --git a/web/src/locales/en.po b/web/src/locales/en.po index b62eb3de3..c0d115e4a 100644 --- a/web/src/locales/en.po +++ b/web/src/locales/en.po @@ -308,6 +308,7 @@ msgstr "Authentication" #: src/pages/sources/oauth/OAuthSourceForm.ts #: src/pages/sources/plex/PlexSourceForm.ts #: src/pages/sources/saml/SAMLSourceForm.ts +#: src/pages/tenants/TenantForm.ts msgid "Authentication flow" msgstr "Authentication flow" @@ -422,6 +423,14 @@ msgstr "Binding" msgid "Binding Type" msgstr "Binding Type" +#: src/pages/tenants/TenantForm.ts +msgid "Branding settings" +msgstr "Branding settings" + +#: src/pages/tenants/TenantForm.ts +msgid "Branding shown in page title and several other places." +msgstr "Branding shown in page title and several other places." + #: src/pages/admin-overview/cards/VersionStatusCard.ts msgid "Build hash: {0}" msgstr "Build hash: {0}" @@ -676,6 +685,10 @@ msgstr "Configure settings relevant to your user profile." msgid "Configure the maximum allowed time drift for an asseration." msgstr "Configure the maximum allowed time drift for an asseration." +#: src/pages/tenants/TenantListPage.ts +msgid "Configure visual settings and defaults for different domains." +msgstr "Configure visual settings and defaults for different domains." + #: src/pages/providers/oauth2/OAuth2ProviderForm.ts msgid "Configure what data should be used as unique User Identifier. For most cases, the default should be fine." msgstr "Configure what data should be used as unique User Identifier. For most cases, the default should be fine." @@ -812,6 +825,8 @@ msgstr "Copy download URL" #: src/pages/stages/prompt/PromptListPage.ts #: src/pages/stages/prompt/PromptStageForm.ts #: src/pages/stages/prompt/PromptStageForm.ts +#: src/pages/tenants/TenantListPage.ts +#: src/pages/tenants/TenantListPage.ts #: src/pages/user-settings/tokens/UserTokenList.ts #: src/pages/user-settings/tokens/UserTokenList.ts #: src/pages/users/UserListPage.ts @@ -881,6 +896,10 @@ msgstr "Create Stage" msgid "Create Stage binding" msgstr "Create Stage binding" +#: src/pages/tenants/TenantListPage.ts +msgid "Create Tenant" +msgstr "Create Tenant" + #: src/pages/user-settings/tokens/UserTokenList.ts msgid "Create Token" msgstr "Create Token" @@ -940,6 +959,18 @@ msgstr "Date Time" msgid "Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik." msgstr "Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik." +#: src/pages/tenants/TenantForm.ts +msgid "Default" +msgstr "Default" + +#: src/pages/tenants/TenantForm.ts +msgid "Default flows" +msgstr "Default flows" + +#: src/pages/tenants/TenantListPage.ts +msgid "Default?" +msgstr "Default?" + #: src/pages/events/TransportListPage.ts msgid "Define how notifications are sent to users, like Email or Webhook." msgstr "Define how notifications are sent to users, like Email or Webhook." @@ -960,6 +991,7 @@ msgstr "Define how notifications are sent to users, like Email or Webhook." #: src/pages/stages/StageListPage.ts #: src/pages/stages/invitation/InvitationListPage.ts #: src/pages/stages/prompt/PromptListPage.ts +#: src/pages/tenants/TenantListPage.ts #: src/pages/tokens/TokenListPage.ts #: src/pages/user-settings/settings/UserSettingsAuthenticatorWebAuthn.ts #: src/pages/user-settings/tokens/UserTokenList.ts @@ -1083,6 +1115,11 @@ msgstr "Disconnect" msgid "Docker URL" msgstr "Docker URL" +#: src/pages/tenants/TenantForm.ts +#: src/pages/tenants/TenantListPage.ts +msgid "Domain" +msgstr "Domain" + #: src/pages/crypto/CertificateKeyPairListPage.ts #: src/pages/providers/saml/SAMLProviderViewPage.ts #: src/pages/sources/saml/SAMLSourceViewPage.ts @@ -1145,6 +1182,7 @@ msgstr "Each provider has a different issuer, based on the application slug." #: src/pages/sources/saml/SAMLSourceViewPage.ts #: src/pages/stages/StageListPage.ts #: src/pages/stages/prompt/PromptListPage.ts +#: src/pages/tenants/TenantListPage.ts #: src/pages/user-settings/tokens/UserTokenList.ts #: src/pages/users/UserListPage.ts #: src/pages/users/UserViewPage.ts @@ -1489,6 +1527,14 @@ msgstr "Flow used by an authenticated user to configure this Stage. If empty, us msgid "Flow used for users to authenticate. Currently only identification and password stages are supported." msgstr "Flow used for users to authenticate. Currently only identification and password stages are supported." +#: src/pages/tenants/TenantForm.ts +msgid "Flow used to authenticate users. If left empty, the first applicable flow sorted by the slug is used." +msgstr "Flow used to authenticate users. If left empty, the first applicable flow sorted by the slug is used." + +#: src/pages/tenants/TenantForm.ts +msgid "Flow used to logout. If left empty, the first applicable flow sorted by the slug is used." +msgstr "Flow used to logout. If left empty, the first applicable flow sorted by the slug is used." + #: src/pages/providers/oauth2/OAuth2ProviderForm.ts #: src/pages/providers/proxy/ProxyProviderForm.ts #: src/pages/providers/saml/SAMLProviderForm.ts @@ -1656,6 +1702,10 @@ msgstr "ID" msgid "Icon" msgstr "Icon" +#: src/pages/tenants/TenantForm.ts +msgid "Icon shown in sidebar/header and flow executor." +msgstr "Icon shown in sidebar/header and flow executor." + #: src/pages/flows/FlowListPage.ts #: src/pages/system-tasks/SystemTaskListPage.ts #: src/pages/tokens/TokenListPage.ts @@ -1677,6 +1727,10 @@ msgstr "If enabled, use the local connection. Required Docker socket/Kubernetes msgid "If left empty, authentik will try to extract the launch URL based on the selected provider." msgstr "If left empty, authentik will try to extract the launch URL based on the selected provider." +#: src/pages/tenants/TenantForm.ts +msgid "If set, users are able to unenroll themselves using this flow. If no flow is set, option is not shown." +msgstr "If set, users are able to unenroll themselves using this flow. If no flow is set, option is not shown." + #: src/pages/stages/invitation/InvitationStageForm.ts msgid "If this flag is set, this Stage will jump to the next Stage when no Invitation is given. By default this Stage will cancel the Flow when no invitation is given." msgstr "If this flag is set, this Stage will jump to the next Stage when no Invitation is given. By default this Stage will cancel the Flow when no invitation is given." @@ -1738,6 +1792,10 @@ msgstr "Internal host SSL Validation" msgid "Invalidation" msgstr "Invalidation" +#: src/pages/tenants/TenantForm.ts +msgid "Invalidation flow" +msgstr "Invalidation flow" + #: src/interfaces/AdminInterface.ts #: src/pages/stages/invitation/InvitationListPage.ts msgid "Invitations" @@ -1934,6 +1992,10 @@ msgstr "Loading" #: src/pages/stages/password/PasswordStageForm.ts #: src/pages/stages/prompt/PromptStageForm.ts #: src/pages/stages/prompt/PromptStageForm.ts +#: src/pages/tenants/TenantForm.ts +#: src/pages/tenants/TenantForm.ts +#: src/pages/tenants/TenantForm.ts +#: src/pages/tenants/TenantForm.ts msgid "Loading..." msgstr "Loading..." @@ -1964,6 +2026,10 @@ msgstr "Logins" msgid "Logins over the last 24 hours" msgstr "Logins over the last 24 hours" +#: src/pages/tenants/TenantForm.ts +msgid "Logo" +msgstr "Logo" + #: src/pages/providers/oauth2/OAuth2ProviderViewPage.ts msgid "Logout URL" msgstr "Logout URL" @@ -2155,6 +2221,7 @@ msgstr "New version available!" #: src/pages/policies/PolicyTestForm.ts #: src/pages/providers/proxy/ProxyProviderViewPage.ts #: src/pages/providers/proxy/ProxyProviderViewPage.ts +#: src/pages/tenants/TenantListPage.ts #: src/pages/tokens/TokenListPage.ts #: src/pages/user-settings/tokens/UserTokenList.ts #: src/pages/users/UserListPage.ts @@ -2182,10 +2249,6 @@ msgstr "No Stages bound" msgid "No additional data available." msgstr "No additional data available." -#: src/elements/table/Table.ts -msgid "No elements found." -msgstr "No elements found." - #: src/elements/forms/ModalForm.ts msgid "No form found" msgstr "No form found" @@ -2195,6 +2258,10 @@ msgstr "No form found" msgid "No matching events could be found." msgstr "No matching events could be found." +#: src/elements/table/Table.ts +msgid "No objects found." +msgstr "No objects found." + #: src/pages/policies/BoundPoliciesList.ts msgid "No policies are currently bound to this object." msgstr "No policies are currently bound to this object." @@ -2691,9 +2758,14 @@ msgid "Recovery" msgstr "Recovery" #: src/pages/stages/identification/IdentificationStageForm.ts +#: src/pages/tenants/TenantForm.ts msgid "Recovery flow" msgstr "Recovery flow" +#: src/pages/tenants/TenantForm.ts +msgid "Recovery flow. If left empty, the first applicable flow sorted by the slug is used." +msgstr "Recovery flow. If left empty, the first applicable flow sorted by the slug is used." + #: src/flows/stages/authenticator_validate/AuthenticatorValidateStage.ts msgid "Recovery keys" msgstr "Recovery keys" @@ -3311,6 +3383,10 @@ msgstr "Successfully created source." msgid "Successfully created stage." msgstr "Successfully created stage." +#: src/pages/tenants/TenantForm.ts +msgid "Successfully created tenant." +msgstr "Successfully created tenant." + #: src/pages/user-settings/tokens/UserTokenForm.ts msgid "Successfully created token." msgstr "Successfully created token." @@ -3451,6 +3527,10 @@ msgstr "Successfully updated source." msgid "Successfully updated stage." msgstr "Successfully updated stage." +#: src/pages/tenants/TenantForm.ts +msgid "Successfully updated tenant." +msgstr "Successfully updated tenant." + #: src/pages/user-settings/tokens/UserTokenForm.ts msgid "Successfully updated token." msgstr "Successfully updated token." @@ -3540,6 +3620,15 @@ msgstr "Task finished with warnings" msgid "Template" msgstr "Template" +#: src/pages/tenants/TenantListPage.ts +msgid "Tenant" +msgstr "Tenant" + +#: src/interfaces/AdminInterface.ts +#: src/pages/tenants/TenantListPage.ts +msgid "Tenants" +msgstr "Tenants" + #: src/pages/applications/ApplicationViewPage.ts #: src/pages/events/TransportListPage.ts #: src/pages/policies/PolicyListPage.ts @@ -3634,6 +3723,7 @@ msgid "Timeout" msgstr "Timeout" #: src/pages/flows/FlowForm.ts +#: src/pages/tenants/TenantForm.ts msgid "Title" msgstr "Title" @@ -3750,6 +3840,10 @@ msgstr "Unbound policies" msgid "Unenrollment" msgstr "Unenrollment" +#: src/pages/tenants/TenantForm.ts +msgid "Unenrollment flow" +msgstr "Unenrollment flow" + #: src/pages/outposts/ServiceConnectionListPage.ts msgid "Unhealthy" msgstr "Unhealthy" @@ -3799,6 +3893,7 @@ msgstr "Up-to-date!" #: src/pages/sources/saml/SAMLSourceViewPage.ts #: src/pages/stages/StageListPage.ts #: src/pages/stages/prompt/PromptListPage.ts +#: src/pages/tenants/TenantListPage.ts #: src/pages/user-settings/UserDetailsPage.ts #: src/pages/user-settings/settings/UserSettingsAuthenticatorWebAuthn.ts #: src/pages/user-settings/settings/UserSettingsAuthenticatorWebAuthn.ts @@ -3884,6 +3979,10 @@ msgstr "Update SAML Source" msgid "Update Stage binding" msgstr "Update Stage binding" +#: src/pages/tenants/TenantListPage.ts +msgid "Update Tenant" +msgstr "Update Tenant" + #: src/pages/user-settings/tokens/UserTokenList.ts msgid "Update Token" msgstr "Update Token" @@ -3948,6 +4047,10 @@ msgstr "Use the user's username, but deny enrollment when the username already e msgid "Use this redirect URL:" msgstr "Use this redirect URL:" +#: src/pages/tenants/TenantForm.ts +msgid "Use this tenant for each domain that doesn't have a dedicated tenant." +msgstr "Use this tenant for each domain that doesn't have a dedicated tenant." + #: src/elements/events/ObjectChangelog.ts #: src/elements/events/UserEvents.ts #: src/pages/applications/ApplicationCheckAccessForm.ts @@ -4213,6 +4316,7 @@ msgstr "X509 Subject" #: src/pages/policies/PolicyTestForm.ts #: src/pages/providers/proxy/ProxyProviderViewPage.ts #: src/pages/providers/proxy/ProxyProviderViewPage.ts +#: src/pages/tenants/TenantListPage.ts #: src/pages/tokens/TokenListPage.ts #: src/pages/user-settings/tokens/UserTokenList.ts #: src/pages/users/UserListPage.ts diff --git a/web/src/locales/pseudo-LOCALE.po b/web/src/locales/pseudo-LOCALE.po index cce4799db..f57d337d2 100644 --- a/web/src/locales/pseudo-LOCALE.po +++ b/web/src/locales/pseudo-LOCALE.po @@ -304,6 +304,7 @@ msgstr "" #: #: #: +#: msgid "Authentication flow" msgstr "" @@ -418,6 +419,14 @@ msgstr "" msgid "Binding Type" msgstr "" +#: +msgid "Branding settings" +msgstr "" + +#: +msgid "Branding shown in page title and several other places." +msgstr "" + #: msgid "Build hash: {0}" msgstr "" @@ -670,6 +679,10 @@ msgstr "" msgid "Configure the maximum allowed time drift for an asseration." msgstr "" +#: +msgid "Configure visual settings and defaults for different domains." +msgstr "" + #: msgid "Configure what data should be used as unique User Identifier. For most cases, the default should be fine." msgstr "" @@ -810,6 +823,8 @@ msgstr "" #: #: #: +#: +#: msgid "Create" msgstr "" @@ -875,6 +890,10 @@ msgstr "" msgid "Create Stage binding" msgstr "" +#: +msgid "Create Tenant" +msgstr "" + #: msgid "Create Token" msgstr "" @@ -934,6 +953,18 @@ msgstr "" msgid "Decides what this Flow is used for. For example, the Authentication flow is redirect to when an un-authenticated user visits authentik." msgstr "" +#: +msgid "Default" +msgstr "" + +#: +msgid "Default flows" +msgstr "" + +#: +msgid "Default?" +msgstr "" + #: msgid "Define how notifications are sent to users, like Email or Webhook." msgstr "" @@ -958,6 +989,7 @@ msgstr "" #: #: #: +#: msgid "Delete" msgstr "" @@ -1075,6 +1107,11 @@ msgstr "" msgid "Docker URL" msgstr "" +#: +#: +msgid "Domain" +msgstr "" + #: #: #: @@ -1140,6 +1177,7 @@ msgstr "" #: #: #: +#: msgid "Edit" msgstr "" @@ -1481,6 +1519,14 @@ msgstr "" msgid "Flow used for users to authenticate. Currently only identification and password stages are supported." msgstr "" +#: +msgid "Flow used to authenticate users. If left empty, the first applicable flow sorted by the slug is used." +msgstr "" + +#: +msgid "Flow used to logout. If left empty, the first applicable flow sorted by the slug is used." +msgstr "" + #: #: #: @@ -1648,6 +1694,10 @@ msgstr "" msgid "Icon" msgstr "" +#: +msgid "Icon shown in sidebar/header and flow executor." +msgstr "" + #: #: #: @@ -1669,6 +1719,10 @@ msgstr "" msgid "If left empty, authentik will try to extract the launch URL based on the selected provider." msgstr "" +#: +msgid "If set, users are able to unenroll themselves using this flow. If no flow is set, option is not shown." +msgstr "" + #: msgid "If this flag is set, this Stage will jump to the next Stage when no Invitation is given. By default this Stage will cancel the Flow when no invitation is given." msgstr "" @@ -1730,6 +1784,10 @@ msgstr "" msgid "Invalidation" msgstr "" +#: +msgid "Invalidation flow" +msgstr "" + #: #: msgid "Invitations" @@ -1926,6 +1984,10 @@ msgstr "" #: #: #: +#: +#: +#: +#: msgid "Loading..." msgstr "" @@ -1956,6 +2018,10 @@ msgstr "" msgid "Logins over the last 24 hours" msgstr "" +#: +msgid "Logo" +msgstr "" + #: msgid "Logout URL" msgstr "" @@ -2150,6 +2216,7 @@ msgstr "" #: #: #: +#: msgid "No" msgstr "" @@ -2174,10 +2241,6 @@ msgstr "" msgid "No additional data available." msgstr "" -#: -msgid "No elements found." -msgstr "" - #: msgid "No form found" msgstr "" @@ -2187,6 +2250,10 @@ msgstr "" msgid "No matching events could be found." msgstr "" +#: +msgid "No objects found." +msgstr "" + #: msgid "No policies are currently bound to this object." msgstr "" @@ -2682,10 +2749,15 @@ msgstr "" msgid "Recovery" msgstr "" +#: #: msgid "Recovery flow" msgstr "" +#: +msgid "Recovery flow. If left empty, the first applicable flow sorted by the slug is used." +msgstr "" + #: msgid "Recovery keys" msgstr "" @@ -3303,6 +3375,10 @@ msgstr "" msgid "Successfully created stage." msgstr "" +#: +msgid "Successfully created tenant." +msgstr "" + #: msgid "Successfully created token." msgstr "" @@ -3443,6 +3519,10 @@ msgstr "" msgid "Successfully updated stage." msgstr "" +#: +msgid "Successfully updated tenant." +msgstr "" + #: msgid "Successfully updated token." msgstr "" @@ -3532,6 +3612,15 @@ msgstr "" msgid "Template" msgstr "" +#: +msgid "Tenant" +msgstr "" + +#: +#: +msgid "Tenants" +msgstr "" + #: #: #: @@ -3621,6 +3710,7 @@ msgstr "" msgid "Timeout" msgstr "" +#: #: msgid "Title" msgstr "" @@ -3738,6 +3828,10 @@ msgstr "" msgid "Unenrollment" msgstr "" +#: +msgid "Unenrollment flow" +msgstr "" + #: msgid "Unhealthy" msgstr "" @@ -3795,6 +3889,7 @@ msgstr "" #: #: #: +#: msgid "Update" msgstr "" @@ -3872,6 +3967,10 @@ msgstr "" msgid "Update Stage binding" msgstr "" +#: +msgid "Update Tenant" +msgstr "" + #: msgid "Update Token" msgstr "" @@ -3936,6 +4035,10 @@ msgstr "" msgid "Use this redirect URL:" msgstr "" +#: +msgid "Use this tenant for each domain that doesn't have a dedicated tenant." +msgstr "" + #: #: #: @@ -4202,6 +4305,7 @@ msgstr "" #: #: #: +#: msgid "Yes" msgstr ""